SAP Knowledge Base Article - Public

3180402 - SpringShell(Spring4Shell) vulnerability impact on SAP SuccessFactors

Symptom

  • Is SuccessFactors impacted by the SpringShell(Spring4Shell) vulnerability (CVE-2022-22963, CVE-2022-22965)?
  • Has any mitigation been applied in SuccessFactors for the vulnerability?

Environment

SAP SuccessFactors HXM Suite

Resolution

SAP Security teams are aware of the SpringShell vulnerabilities and are looking into it with the highest priority across all products in SAP Landscape, including SuccessFactors.

All information on this topic will be published via this SAP Trust Center document- https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5031.pdf
The same will continue to be updated regularly.

Note: Queries on this topic are not being handled through Support tickets. Further updates will continue to be published via the SAP Trust Center link above.

Keywords

SpringShell,Spring4Shell,SuccessFactors,vulnerability,BizX,CVE-2022-22963,CVE-2022-22965 , KBA , LOD-SF-PLT-SEC , Security Reports , Problem

Product

SAP SuccessFactors HXM Suite 2111